5.5
CVE-2024-36954
- EPSS 0.25%
- Veröffentlicht 30.05.2024 16:15:18
- Zuletzt bearbeitet 14.01.2025 16:27:50
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
tipc: fix a possible memleak in tipc_buf_append
In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after __skb_linearize(), so that the skb can be freed on the err path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.4.271 < 4.5
Linux ≫ Linux Kernel Version >= 4.9.271 < 4.10
Linux ≫ Linux Kernel Version >= 4.14.235 < 4.15
Linux ≫ Linux Kernel Version >= 4.19.193 < 4.19.314
Linux ≫ Linux Kernel Version >= 5.4.124 < 5.4.276
Linux ≫ Linux Kernel Version >= 5.10.42 < 5.10.217
Linux ≫ Linux Kernel Version >= 5.12.9 < 5.15.159
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.91
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.31
Linux ≫ Linux Kernel Version >= 6.7 < 6.8.10
Linux ≫ Linux Kernel Version6.9 Updaterc1
Linux ≫ Linux Kernel Version6.9 Updaterc2
Linux ≫ Linux Kernel Version6.9 Updaterc3
Linux ≫ Linux Kernel Version6.9 Updaterc4
Linux ≫ Linux Kernel Version6.9 Updaterc5
Linux ≫ Linux Kernel Version6.9 Updaterc6
Debian ≫ Debian Linux Version10.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.16 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
https://git.kernel.org/stable/c/01cd1b7b685751ee422d00d050292a3d277652d6
https://git.kernel.org/stable/c/2f87fd9476cf9725d774e6dcb7d17859c6a6d1ae
https://git.kernel.org/stable/c/3210d34fda4caff212cb53729e6bd46de604d565
https://git.kernel.org/stable/c/42c8471b0566c7539e7dd584b4d0ebd3cec8cb2c
https://git.kernel.org/stable/c/614c5a5ae45a921595952117b2e2bd4d4bf9b574
https://git.kernel.org/stable/c/97bf6f81b29a8efaf5d0983251a7450e5794370d
https://git.kernel.org/stable/c/adbce6d20da6254c86425a8d4359b221b5ccbccd
https://git.kernel.org/stable/c/d03a82f4f8144befdc10518e732e2a60b34c870e